ExamGecko

ISC CISSP Practice Test - Questions Answers, Page 55

Question 541

Which of the following is a characteristic of an internal audit?

A. An internal audit is typically shorter in duration than an external audit.
B. The internal audit schedule is published to the organization well in advance.
C. The internal auditor reports to the Information Technology (IT) department.
D. Management is responsible for reading and acting upon the internal audit results.
Suggested answer: D
asked 18/09/2024
Gabriel Paschoalatto

Question 542

Which of the following is a responsibility of a data steward?

A. Ensure alignment of the data governance effort to the organization.
B. Conduct data governance interviews with the organization.
C. Document data governance requirements.
D. Ensure that data decisions and impacts are communicated to the organization.
Suggested answer: A
asked 18/09/2024
Neftali Baez-Feliciano

Question 543

What is the MAIN goal of information security awareness and training?

A. To inform users of the latest malware threats
B. To inform users of information assurance responsibilities
C. To comply with the organization information security policy
D. To prepare students for certification
Suggested answer: B
asked 18/09/2024
Dominique Dusabe

Question 544

Proven application security principles include which of the following?

A. Minimizing attack surface area
B. Hardening the network perimeter
C. Accepting infrastructure security controls
D. Developing independent modules
Suggested answer: A
asked 18/09/2024
Juan Garrido Soler

Question 545

When developing a business case for updating a security program, the security program owner MUST do which of the following?

A. Identify relevant metrics
B. Prepare performance test reports
C. Obtain resources for the security program
D. Interview executive management
Suggested answer: A
asked 18/09/2024
Ryan Edwards

Question 546

From a security perspective, which of the following assumptions MUST be made about input to an application?

A. It is tested
B. It is logged
C. It is verified
D. It is untrusted
Suggested answer: D
asked 18/09/2024
István Balla

Question 547

Which of the following is the BEST reason for writing an information security policy?

A. To support information security governance
B. To reduce the number of audit findings
C. To deter attackers
D. To implement effective information security controls
Suggested answer: A
asked 18/09/2024
San Min Oo

Question 548

What is the PRIMARY goal of fault tolerance?

A. Elimination of single point of failure
B. Isolation using a sandbox
C. Single point of repair
D. Containment to prevent propagation
Suggested answer: A
asked 18/09/2024
Nicola Grossi

Question 549

Which is the BEST internationally recognized standard for evaluating security products and systems?

A. Payment Card Industry Data Security Standards (PCI-DSS)
B. Common Criteria (CC)
C. Health Insurance Portability and Accountability Act (HIPAA)
D. Sarbanes-Oxley (SOX)
Suggested answer: B
asked 18/09/2024
fabio josca

Question 550

Which one of the following data integrity models assumes a lattice of integrity levels?

A. Take-Grant
B. Biba
C. Harrison-Ruzzo
D. Bell-LaPadula
Suggested answer: B
asked 18/09/2024
Timothy Luisterburg
Total 1.482 questions